Description
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute arbitrary commands via shell metacharacters (a | pipe character) provided as arguments to batch (.bat) or .cmd scripts, which are sent unfiltered to the shell interpreter, typically cmd.exe.
Remediation
References
Related Vulnerabilities
PHP Other Vulnerability (CVE-2005-0524)
WordPress Plugin Fancy Product Designer-WooCommerce Arbitrary File Upload (4.5.1)
WordPress Plugin Online Hotel Booking System Pro SQL Injection (1.0)
Drupal Core 7.x Multiple Cross-Site Scripting Vulnerabilities (7.0 - 7.85)
Oracle HTTP Server CVE-2021-2480 Vulnerability (CVE-2021-2480)